Cyrus imap, virtual domains and ldap authentication

John Arthur lists at
Mon May 10 07:33:13 EDT 2004

> I have never used virtual domains so I don't know about that. I'm using
> both methods in different configurations and they both work well. However,
> I think for virtual domains, you have to use 'sasl_pwcheck_method: ldap'
> because pam doesn't handle what you want.
> Simon

Hi Simon,

Your Cyrus rpms are very much appreciated thank's very much.

Well I appear to have virtual domains working on redhat 9.

This is what I did.

I got the cyrus-sasl rpms from Fedora Core 1 and rebuilt them on Redhat 9
with ldap support added in (it's off by default).

Changed the saslauthd mech from shadow to ldap.

Created /etc/saslauthd.conf
ldap_servers: ldap://
ldap_bind_dn: cn=Manager,dc=domain,dc=net
ldap_bind_pw: supersecret
ldap_scope: sub
ldap_search_base: dc=domain,dc=net
ldap_auth_method: bind

Used saslauthd in /etc/imapd.conf

#sasl_pwcheck_method: auxprop
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN


I have different ou's for each domain in my ldap server and each user has a
uid=user at uid=user at uid=user at

Now I just have to go through and tighten up the security ;-)


Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list